U.S. Pat. No. 5,357,572 discusses the conflicting interests of circuit testing and protection of confidential data. On one hand, circuit testing requires that any circuit fault be made observable, which is best served by enabling direct test access to the circuit at a level of detail that suffices to expose all faults. In many cases, a test mode is used wherein test data is shifted in and out of the circuit via a scan chain, from which a test data pattern is applied to circuit parts under test and into which a response to the test data pattern is captured. On the other hand, protection of confidential data such as passwords and decryption keys stored in a memory in the circuit requires that access be impossible at a level of detail that enables reconstruction of the confidential data.
U.S. Pat. No. 5,357,572 proposes a solution to this dilemma that uses a bypass of part of the scan chain that can be used to observe the memory with confidential data. After initial tests using this part of the scan chain, testing other than via the bypass circuit is permanently disabled. This can be done by writing to a read once memory that controls the bypass, by blowing a fuse etc. Another option is to require a password to deactivate the bypass, but this makes the circuit more susceptible to hacking.
These solutions have the problem that they can obstruct the analysis of failure of the circuit, alone or when placed in the context of an application, for example as part of debugging.